\ 

lll!HI II I I Mill II I 

(1D EP 1 074 906 A1 



(12) EUROPEAN PATENT APPLICATION 



(43) 


Date of publication: 


(51) mtci7: G06F 1/00, G06F 12/14, 




07.02.2001 Bulletin 2001/06 


G07F 7/10 


(21) 


Application number: 00306653.7 




(22) 


Date of filing: 04.08.2000 




(84) 


Designated Contracting States: 


(72) Inventor: Imura, Shigeru, c/o Sony Corporation 




AT BE CH CY DE DK ES Fl FR GB GR IE IT LI LU 


Tokyo (JP) 




MC NL PT SE 






Designated E)ctension States: 


(74) Representative: Ayers, Marty n Lewis Stanley 




AL LT LV MK RO SI 


J.A. KEMP & CO. 






14 South Square 


(30) 


Priority: 05.08.1999 JP 22235199 


Gray's Inn 






London WC1R5LX (GB) 


(71) 


Applicant: SONY CORPORATION 






Tokyo (JP) 





(54) Card-shaped semiconductor storage device and operation setting method of the same 




Europaisches Patentamt 
European Patent Office 
Office europeen des brevets 



(57) A CPU (31 6) and an enciphering circuit are pro- 
vided in a memory card with a construction ot a memory 
stick. Data which is inputted and outputted is enciphered 
and stored in a flash memory (31 5). A command system 
for accessing the memory stick has a public command 
system and a non-public command system for manage- 
ment. In file data which is stored in the flash memory 
(315), an access restriction, copy guard information, 



and encipherment and a personal identification number 
at the time of access can be selectively set every file 
data. In those file data, a data file including hidden file 
data manages processes. An access right is set into the 
file data and accesses for reading and writing the file 
data are restricted in accordance with the access right. 
As mentioned above, since the data is enciphered and 
stored in the flash memory (31 5), the security of the data 
to be stored is enhanced. 
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Description 

BACKGROUND OF THE INVENTION 
Field of the Invention 



[0001] The invention, particularly, relates to a card- 
shaped semiconductor storage device which is suitable 
when it is used to store data of contents that is distrib- 
uted through a network and to an operation setting 
method of such a card-shaped semiconductor storage 
device. 

Description of the Related Art 

[0002] A service to distribute music data by using the 
Internet has been started. In such a service, a site for 
distributing the music data is provided on the Internet. 
When the user selects a desired music piece by access- 
ing the site, the selected music data is transmitted via 
the Internet and downloaded to a recording medium. 
[0003] A service to distribute music by using a digital 
satellite broadcasting has been also proposed. In such 
a service, the music data for downloading and data of a 
script language such as MHEG (Multimedia and Hyper- 
media Information Coding Experts Group), XML (exten- 
sible Markup Language), or the like for forming a picture 
plane for downloading are transmitted as additional data 
by a music channel together with video data and audio 
data for providing a music program. The picture plane 
for downloading is formed by the data of the script lan- 
guage. When an instruction is given by the picture plane, 
the music data transmitted for downloading is down- 
loaded to the recording medium. 
[0004] Further, a service to distribute music by using 
a cellular phone has been proposed. According to such 
a service, when a line is connected to a predetermined 
dial number by the cellular phone, the user can receive 
the distribution of music data. When the user operates 
the cellular phone, desired music data is transmitted via 
a network of the cellular phone and downloaded to a 
recording medium loaded in the cellular phone. 
[0005] The services to provide the contents such as 
music data, printed matter, game software, and the like 
by using various transmitting media such as Internet, 
digital satellite broadcasting, cellular phone line, and the 
like as mentioned above are taken into consideration. 
In such services, the transmitted data is downloaded to 
the recording medium. 

[0006] As a recording medium for downloading the 
data of the contents as mentioned above, it is possible 
to use a magnetic disk such as floppy disk, hard disk, 
or the like or an optical disk or magneto-optical disk such 
as CD-R (CD-Recordable) or MO (Magneto-Optical). 
However, such a disk-shaped recording medium has a 
problem on vibration proof since it includes a mechani- 
cal portion, it becomes large in size, and it is difficult to 
carry outside or to easily use it. 



[0007] To solve such problems, it has been proposed 
to use a memory card called memory stick as a record- 
ing medium for downloading the data of such contents. 
[0008] The memory stick is a card-shaped nonvolatile 
5 semiconductor memory using an N AND type flash mem- 
ory. The memory stick has an access speed of about 20 
MB/sec by using a serial half duplex sync data transfer 
system instead of a parallel interface using a PCMCIA 
(Personal Computer Memory Card International Asso- 
io ciation) interface which has conventionally been widely 
used. In the memory stick, a high speed access is pos- 
sible and a memory capacity of up to about 64 MB has 
been scheduled. The capacity of 64 MB of the memory 
stick is larger than a memory capacity (1 .4 MB) of the 
is existing floppy disk and is regarded to be a capacity 
large enough to record the data of the contents. Al- 
though such a capacity is smaller than a memory ca- 
pacity (128 MB to 640 MB) of an MD (Mini Disc) or CD- 
R, the MD or CD-R is large in size because it includes 
20 the mechanism portion and is difficult to be easily han- 
dled. On the other hand, the memory stick is small, can 
be easily handled, and is excellent in vibration proof. 
[0009] For example, in case of downloading music da- 
ta, such a situation that the user reproduces the down- 
25 loaded music data by a portable headphone stereo- 
phonic apparatus or a car audio apparatus is consid- 
ered. According to such a using method, the small mem- 
ory stick having excellent vibration proof is regarded to 
be a very useful recording medium. 
30 [0010] However, in the memory stick, it is a present 
situation that a CPU is not built in and a security function 
is incomplete. In case of downloading music data, it is 
necessary to enhance the security for the purpose of 
protection of the copyright. Particularly, when the data 
35 of those contents is obtained by using the network, there 
is a method of charging by using electronic money. In 
the memory stick, since no CPU is built in, such a charg- 
ing process is difficult. 

[0011] An IC card has been known as a card in which 
40 a CPU has been built. For example, in a cellular phone 
of a GSM (Group System for Mobile Communications) 
system in Europe, an IC card called SIM which conforms 
with IS0781 6 is used. Such an I C card is used for storing 
an authentication, contents of a contract, enciphering al- 
45 gorithm, abbreviated dial numbers, and the like by a cel- 
lular phone of the GSM system. An IC card in which a 
CPU has been built is used in the field of electronic mon- 
ey such as pay television or mondex system. Such an 
IC card has a high secrecy against a copy and a forgery 
50 as compared with that of a memory card. 

[0012] However, since memory capacities are small 
and access speeds are low in those IC cards, it is difficult 
to use them for an application for storing the download- 
ed contents. 

55 

OBJECTS AND SUMMARY OF THE INVENTION 
[0013] It is, therefore, an object of the invention to pro- 
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vide a card-shaped semiconductor storage device in 
whirh the security can be enhanced and a compatibility 
wiih rin existing memory card can be realized and to pro- 
vide nn operation setting method of such a card-shaped 
s.--'m:ordu:to' storage device. 

10014) According to a preferred aspect of the inven- 
ts * i*..?rc is provided a card-shaped semiconductor 
s: * • > ■ 3cvcc having a construction of a memory card, 
cc«n;t'is ng a nonvolatile semiconductor memory; data 
in;>u! output control means for performing an input/out- 
put conrol ol data to/from the nonvolatile semiconductor 
morroiy and interface means with an external appara- 
tus herein the storage device further has enciphering 
mctns to* enciphering the data to be stored in the non- 
vo*.«t u* >er^K:onauctor memory and control means for 
cc#Mroflr>q :r>c encipherment. 

|O0i*| According to another aspect of the invention, 
tfKvc ft ;><ovood an operation setting method of a card- 
v .t^xi wjrr^corxJuctor storage device having a con- 
s' <J n rfMynory card comprising: a nonvolatile 
^"njou.t^ nmmory; data input/output control 
ma.*.* i :* porVDrmng an input/output control of data to/ 
irerr rvjnvovititc semiconductor memory; and inter- 
fere rrv> **r> ,m external apparatus, wherein the da- 
t.i e» eo: iprici od «rxJ the enciphered data is stored in the 
oc#i/^i« 4o torn»cooductor memory. 
(0014) A CPU nod an enciphering circuit are provided 
lo» tro momory card with a construction of a memory 
Mrh Trw* rut* which is inputted or outputted is enci- 
prwMorl stored m a flash memory. As command sys- 
tem to* accessing the memory stick, a public command 
system ^no « non-public command system are provid- 
ed As lot t ic data which is stored in the flash memory, 
an access imitation, copy guard information, and an en- 
apnorment and a personal identification number at the 
time ol access can be selectively set every file data. 
Processes ol those file data are managed by a data file 
inducing a hidden data file. An access right is set into 
the ftto data and accesses for reading and writing the 
file oVita arc limited in accordance with the access right. 
Snco the data is enciphered and stored in the flash 
memory as mentioned above, a security of the stored 
data is enhanced. 

[0017] The above and other objects and features of 
tho p osont invention will become apparent from the fol- 
k>*mq detailed description and the appended claims 
wflh fctoronco to the accompanying drawings. 

BRIEF DESCRIPTION OF THE DRAWINGS 

[0018] 

Fig lea block diagram for use in explanation of 
an SIM 

Fig 2 is a block diagram for use in explanation of a 
memory stick. 

Fig 3 is a block diagram of an example of a memory 
card to which the invention is applied; 



Fig. 4 is a schematic diagram for use in explanation 
of the example of the memory card to which the in- 
vention is applied; 

Fig. 5 is a block diagram for use in explanation of 
5 an encipherment in the example of the memory card 
to which the invention is applied; 
Fig. 6 is a block diagram for use in explanation of 
an encipherment in the example of the memory card 
to which the invention is applied; 
10 Figs. 7 A to 7E are schematic diagrams for use in 
explanation of a directory in the example of the 
memory card to which the invention is applied; 
Figs. 8A to 8G are schematic diagrams for use in 
explanation of a file in the example of the memory 
*5 card to which the invention is applied; 

Fig. 9 is a flowchart for use in explanation of the 
example of the memory card to which the invention 
is applied; 

Fig. 10 is a flowchart for use in explanation of the 
20 example of the memory card to which the invention 
is applied; 

Fig. 11 is a flowchart for use in explanation of the 
example of the memory card to which the invention 
is applied; and 

25 Fig. 12 is a block diagram in another example of a 
memory card to which the invention is applied. 

DETAILED DESCRIPTION OF THE PREFERRED 
EMBODIMENTS 

30 

[001 9] An embodiment of the invention will now be de- 
scribed in the following order. 

1. Internal construction of an SIM 
35 2. Internal construction of a memory stick 

3. Example of a smart stick 

3-1 . Construction of an example of the smart 
stick 

40 3-2. Session of an external apparatus and the 

smart stick 

3-3. About encipherment 
3-4. About a file construction 
3-5. About an access process 

45 

4. Another example of an intelligent memory stick 
1. Internal construction of an SIM 

so [0020] According to the invention, by adding a func- 
tion of an IC card called SIM to a memory card called a 
memory stick, the security can be enhanced and a com- 
patibility with the existing memory stick can be realized. 
Prior to explaining the invention, the IC card called SIM 

55 (Subscriber Identity Module)and the memory card 
called a memory stick will be described. 
[0021] The IC card called SIM is an IC card which con- 
forms with ISO (International Organization for Standard- 
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ization) 7816 and has a built-in CPU. This IC card is 
used for authenticating by a personal identification 
number of the subscriber and storing a contract contents 
enciphering algorithm, an abbreviation dial number, and 
the like by a cellular phone of a GSM (Group Special s 
Mobile) system. 

[0022] Fig. 1 is a block diagram showing an internal 
construction of an I C card called Si M. As connecting ter- 
minals for connecting the IC card to an external appa- 
ratus, a power terminal 101 , a power terminal 102 for a 
program, an input/output terminal 103 of bidirectional 
data, a clock input terminal 104, a reset input terminal 
105, and a ground terminal 106 are provided for the IC 
card. 

[0023] The power terminal 101 is used to supply an 
operating power source Vcc from the outside. A voltage 
of the operating power source Vcc is set to 5V or 3V. 
[0024] The program power terminal 102 is used for 
supplying a power source Vpp for a program to a built- 
in EEPROM (Electrically Erasable and Programmable 
ROM) 110. The EEPROM 110 is a nonvolatile memory 
which can be electrically erased. A voltage of the pro- 
gram power source Vpp which is applied to the EEP- 
ROM 110 is generally set to a value similar to the power 
voltage Vcc. There is also a device in which the program 
power source Vpp is generated in the SIM. Although a 
structure in which the program power source Vpp is sup- 
plied from the outside is shown here, its supplying meth- 
od is not essential. 

[0025] The input/output terminal 103 of bidirectional 
data is a data I/O terminal for actually inputting and out- 
putting data via a bidirectional data signal line I/O. The 
data is inputted and outputted to/from the bidirectional 
data signal line I/O through a serial/parallel converter 
107. When no data is inputted or outputted, the bidirec- 
tional data signal line I/O is maintained to almost the 
same voltage as the operating power voltage Vcc, and 
an external control apparatus and the SIM are in a state 
where they can mutually receive the data. 
[0026] A clock CLK is supplied to the clock input ter- 
minal 104. The clock CLK is a cbek for making a CPU 
(Central Processing Unit) 112 built in the SIMoperative. 
The clock CLK is properly frequency divided by a fre- 
quency divider 108 and supplied to the serial/parallel 
converter 107. The clock CLK which was frequency di- 
vided by the frequency divider 108 becomes a transfer 
clock for deciding a transfer speed of the data which is 
exchanged by the bidirectional data signal line I/O. 
[0027] A reset signal RST is supplied to the reset input 
terminal 1 05. The reset signal RST is used for initializing 
not only for the built-in CPU 112 but also the frequency 
divider 108, serial/parallel converter 107, and the like. 
[0028] The input/output of the data is performed by 
the serial/parallel converter 107 through the bidirection- 
al data signal line I/O. The serial/parallel converter 107 
converts data transmitted as serial data from the exter- 
nal apparatus into parallel data of, for example, 8 bits. 
[0029] The serial data which is inputted and outputted 



through the bidirectional data signal line I/O has such a 
structure that a start bit at the "L" level exists at the head, 
bit data having a positive logic of the LSB-f irst (or a neg- 
ative logic of the MSB-first; either the positive logic or 
the negative logic is selected by a manufacturer of the 
IC card) continues after that, and one bit of an even par- 
ity is finally added. The head of the data is detected by 
the start bit at the "L n level and the data is subsequently 
sent. An error is detected by the parity. At this time, if 
the error is detected by the parity, a signal at the "L a level 
is sent from the reception side at a specific time between 
two clocks subsequent to a parity bit. The transmission 
side, consequently, can recognize the occurrence of the 
error. When the occurrence of the error is detected, the 
transmission side transmits the same data again. 
[0030] This method is a half duplex asynchronous 
communication protocol of IS07816. The serial/parallel 
converter 107 performs a converting process between 
the serial data and the parallel data through those proc- 
esses. 

[0031] An RAM (Random Access Memory) 109 is a 
memory to/from which data can be written and read out 
anytime. The RAM 109 is used for temporarily storing 
data which is necessary when the CPU (Central 
Processing Unit) 112 executes processes or temporarily 
storing several data. 

[0032] The EEPROM 110 stores data which is used 
only therein, data which is continuously used while be- 
ing updated upon using, and the like. For example, in a 
digital cellular phone, abbreviation dials, contents of a 
contract, short message, control data for starting and 
keeping communication, or the like is stored in the EEP- 
ROM 110. 

[0033] Although the EE PROM is used here, for exam- 
ple, a flash memory can be also used in place of the 
EEPROM. 

[0034] A program to be processed by the CPU 1 1 2 is 
mainly stored in an ROM (Read Only Memory) 111. 
Processing commands comprise, for example: a public 
command system which is necessary for manufacturing 
and using the cellular phones; a non-public command 
system for management for the purpose of security, for 
example, for operating a scramble key generating unit, 
data which cannot be used by persons other than an 
issuer or an administrator, or the like; and a personal 
identification number. As mentioned above, by prepar- 
ing the non-public command system for management, 
the security function of the SIM is further enhanced. 
[0035] The frequency divider 1 08 is used to obtain a 
clock for transmitting data by using a predetermined 
transmitting route such as a bidirectional data signal line 
I/O from the clock CLK for making the CPU 112 opera- 
tive. For example, in a cellular phone system of the GSM 
system, 1/372 is used as a frequency division ratio of 
the frequency divider 108. The frequency division ratio 
can be also changed in accordance with a use object or 
a use situation. 

[0036] The CPU 112 performs processes in the SIM 
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in accordance with commands from the outside. In this 
instance, whether the access right exists therein or not 
or the like is discriminated and the processes are exe- 
cuted. 

[0037] A bus 1 1 3 for data is used to transfer data when s 
a command is read out from the RCM 111 in the case 
where the CPU 112 executes the command, when data 
is read out or written from/into the RAM 109 anytime in 
order to temporarily store the data therein, or when the 
EE PROM 110 is accessed on the basis of a request from 10 
the external apparatus. 

[0038] As mentioned above, in the IC card with the 
construction of the SIM, the data which is used only in 
the IC card, namely, the data such as abbreviation dials, 
contents of a contract, short message, control data for is 
starting and keeping communication, or the like, the da- 
ta which is continuously used while being updated upon 
using, and the like are stored in the EEPROM 110. For 
example, processing commands comprising the public 
command system which is necessary for manufacturing 20 
or using the cellular phones and the non-public com- 
mand system for management for the purpose of secu- 
rity, for example, for operating the scramble key gener- 
ating unit, data which cannot be used by persons other 
than an issuer or an administrator, or the like are stored 2s 
in the ROM 111. Data which is inputted and outputted is 
managed by the CPU 112. Therefore, an excellent se- 
curity function is guaranteed. 

2. Internal construction of a memory stick 30 

[0039] The memory card called a memory stick will 
now be described. Fig. 2 is a block diagram showing an 
internal structure of the memory stick. 
[0040] The memory stick comprises: a power terminal 35 
201 ; a data input/output terminal 202 for connecting the 
memory stick to an external apparatus; an input terminal 
203 of a bus state; an input terminal 204 of a serial clock; 
a detection terminal 205 for detecting the insertion or 
removal of the memory stick; and a ground terminal 206. 40 
[0041] Data is inputted and outputted by the data in- 
put/output terminal 202 through a bidirectional data sig- 
nal line DIO. The data signal line DIO is used for writing 
or reading out control data called a transfer protocol 
command (TPC) or the data itself. 45 
[0042] A bus state BS is supplied to the input terminal 
203 of the bus state. The bus state BS indicates a status 
for the data on the bidirectional data signal line DIO. For 
example, the processes of the memory stick are execut- 
ed by changing the state by the TPC or the data itself so 
before performing the data access. 
[0043] A transfer clock SCLK is supplied to the serial 
clock terminal 204. The transfer clock SCLK is generat- 
ed when the TPC or the data itself is transferred. The 
transfer clock SCLK is controlled by the bus state BS. ss 
[0044] The detection terminal 205 is used when the 
external apparatus detects an inserting/removal state of 
the memory stick. In the memory stick, the detection ter- 



minal 205 is connected to the ground and connected to 
a power source through a pull-up resistor by the external 
apparatus. Therefore, the detection terminal 205 is set 
to the "L" level in a state where the memory stick has 
been inserted and to the "H" level when it is removed. 
[0045] The ground terminal 206 is connected to a 
ground Vss. 

[0046] Upon writing, a serial/parallel converter 207 
converts the serial data transmitted via the bidirectional 
data signal line DIO synchronously with the transfer 
clock SCLK into parallel data of 8 bits. The control com- 
mand and the data are also converted from the serial 
data into the parallel data. 

[0047] Upon reading, the parallel data of 8 bits or the 
like stored in a flash memory 21 3 in the memory stick is 
converted into the serial data by the serial/parallel con- 
verter 207 and outputted to the external apparatus via 
the bidirectional data signal line DIO. 
[0048] A register 208 comprises a status register, a 
parameter register, an extra data register, and the like 
and controls an access to a memory in the memory stick 
by the TPC. 

[0049] A page buffer 209 is used for temporarily stor- 
ing data when the data is exchanged between the serial/ 
parallel converter 207 and flash memory 213. 
[0050] An error detection code generating unit 210 
adds an error detection code such as a CRC (Cyclic Re- 
dundancy Check) code or the like to the data to be trans- 
mitted or the data which is inputted and detects an error 
of the data to be transmitted or the data which is input- 
ted. The reliability of the data is assured by performing 
such an error detection. 

[0051] An attribute ROM 21 1 stores physical informa- 
tion in the memory stick. The information in the attribute 
ROM 21 1 is read out just after the power source was 
turned on. The external apparatus is used for checking 
a correspondence situation of this information. 
[0052] A flash l/F sequencer 21 2 controls the data be- 
tween the page buffer 209 and flash memory 21 3 on the 
basis of parameters or the like set in the register 208. 
[0053] A nonvolatile memory card comprising, for ex- 
ample, NAND type memory cells is used as a flash 
memory 213. The flash memory is partitioned on a page 
unit basis of a certain capacity and data is written and 
read out. Although there are a variety of memory capac- 
ities of the flash memory 21 3, a memory capacity of up 
to about 64 MB, for example, has been scheduled. 
[0054] As mentioned above, in the memory stick, data 
of up to about 64 MB, for example, can be stored by the 
flash memory 213. In the memory stick, an access 
speed of about 20 Mb/sec can be guaranteed by using 
the serial half duplex sync data transfer system. 

3. Example of a smart stick 

3-1. Construction of an example of the smart stick 
[0055] According to the invention, the memory card 
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with the construction of the memory stick shown in Fig. 
? is used as a basic construction and the compatibility 
with :hc »C card called SIM shown in Fig. 1 is enabled 
to be maintained on each signal line base, thereby re- 
rt\ /mq nn intelligent memory stick. The intelligent mem- 
ory i»i cK fCHl^ed as mentioned above can be used as 
,if or jtfviry memory stick and a function similar to that 
o» \r\c iC CHfd called SIM can be used. Therefore, when 
the aitn ot the contents is downloaded, the security is 
»rr»pfovcd and a charging process can be performed by 
cioct-onic money or the like. The intelligent memory 
st c k r cHii/ed as mentioned above is called a smart stick 
hc'cnbclow 

(0OS6) Fq 3 shows an example of an internal struc- 
ture of the smart stick to which the invention is applied. 
As o*n t\ V ig 3 a power terminal 301, an input/output 
lorm^i xsi oi tho bidirectional data signal line I/O, an 
rv>u? ierm»v4i 303 of a bus state, a transfer clock input 
to* 304 a detection terminal 306 for detecting the 
»iv>fi.«i a* fomovrilof the smart stick, a clock input ter- 
rr*** 306 *ie^t iiput terminal 307, and a ground ter- 
m»v* DOc nro provioed for the smart stick. 
|00ST) TKc power terminal 301 is used for supplying 
trv? oocfiiting pernor source Vcc from the outside. A volt- 
iic>c o* tr\c opcr.itng power source Vcc is set to a value 
*ir\*\ * rrioQo from 3V to 5V. 

(0OS*| Tho nput terminal 302 is a data input/output 
tormrv*i tor actually nputting and outputting the data via 
iiv* rnwnrtrjnal data signal line I/O. The bidirectional 
d«u mqt\hI Ino I/O is similar to the bidirectional data sig- 
nal tmo ( F ig 1] of the SI M or the bidirectional data signal 
Ire DtO <F.g 2) of the memory stick. 

[0059) Tho bus state BS is supplied to the input ter- 
mrv* 303 of the bus state. The bus state BS indicates 
a suus for tho data at the time when it is transferred on 
tho bidtfoctionaf data signal line by packet communica- 
tion Fot example, the processes of the memory stick 
arc exocutod by changing the state by the TPC or data 
itself oo ? oro performing the data access. An asynchro- 
nous modo n which the bus state BS is not used is also 
poss b»c to* the data input/output. This system is the half 
dupk?x asynchronous communication protocol of 
I SO 78 16 used in the SIM. 

[0060) Tho serial clock SCLK for transfer is supplied 
to the transfer clock input terminal 304. As for the trans- 
fer clock SCLK the clock generation is controlled by the 
bus stnto BS n a state oi the packet communication. 
The tirffibloi clock SCLK is not used in the half duplex 
eibyrx;tii3f>ous communication protocol. 

[0061] The detection terminal 305 is used when the 
external apparatus detects an insertion/removal state of 
the snrviri stick. In the smart stick, the detection terminal 
305 is connected to the ground and connected to a pow- 
er sourco through a pull-up resistor by the external ap- 
paratus Therefore, the detection terminal 305 is set to 
tho *L* lovol in a state where the smart stick has been 
insortod and to the 'HP level when it is removed. 
[0062] The operating clock CLK is supplied to the 



clock input terminal 306. The operating clock is supplied 
to a CPU 316 so as to make it operative. 
[0063] The reset signal RST is supplied to the reset 
input terminal 307. The built-in CPU 316 is initialized by 
5 the reset signal RST, and a serial/parallel converter 309, 
a register 31 0 for control, a scrambler 31 1 a, and the like 
are also initialized. 

[0064] The ground terminal 308 is connected to the 
ground Vss. 

10 [0065] The serial/parallel converter 309 performs a 
conversion between serial data and parallel data so that 
data can be exchanged with the external apparatus. The 
serial data is transferred between the converter 309 and 
the external apparatus via the bidirectional data signal 

15 line I/O and processes are executed in the converter by 
parallel data of 8 bits. The serial/parallel converter 309 
performs the converting process between the serial data 
and the parallel data of 8 bits. 

[0066] The register 310 comprises a status register 

20 and a control register and is used for the CPU 316 to 
monitor and control the serial/parallel converter 309. 
[0067] The scrambler 311a enciphers the data and 
enables the enciphered data to be stored. The reason 
why the data is enciphered and stored is to protect the 

25 stored data. For example, assuming that only the portion 
of a flash memory 31 5 can be removed by some meth- 
od, there is a fear that only the portion of the flash mem- 
ory 315 is taken out by some person from malice, the 
contents in the flash memory 315 are read out, and the 

30 contents or personal information written there is stolen. 
When data is stored in the flash memory 31 5, if the data 
is enciphered, even if only the portion of the flash mem- 
ory 315 was taken out and the contents were read out, 
the contents or personal information can be protected. 

35 An algorithm for encipherment by the scrambler 311a 
will be described in detail hereinlater. 
[0068] An error detection code generating unit 311b 
adds an error detection code such as a CRC (Cyclic Re- 
dundancy Check) code or the like to the data to be trans- 

40 mitted or the data which is inputted and detects an error 
of the data to be transmitted or the data which is input- 
ted. The reliability of the data is assured by performing 
such an error detection. 

[0069] A page buffer 312 is used for temporarily stor- 
es ing a predetermined data capacity and temporarily stor- 
ing data when the data is exchanged between the serial/ 
parallel converter 309 and flash memory 315. 
[0070] An RAM 31 3 is used for storing an arithmetic 
operation result, parameters : or the like which are tem- 
50 porarily generated when the CPU 316 processes the 
command inputted from the external apparatus. 
[0071] A program to be processed by the CPU 316 
has mainly been stored in the ROM 314. Processing 
commands comprise: the public command system 
55 which is necessary for manufacturing or using the cel- 
lular phones; the non-public command system for man- 
agement for the purpose of security, for example, for op- 
erating the scramble key generating unit, data which 
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cannot be used by persons other than an issuer or ad- 
ministrator; and the personal identification number. By 
preparing the non-public command system for manage- 
ment as.mentioned above, a security function is further 
enhanced. 

[0072] A program for operating files which can be 
seen from the outside, hidden files which cannot be ac- 
cessed by systems other than the command system for 
management which is used only for management and 
for processes concerned with the encryption, and the 
like has been stored in the ROM 314. 
[0073] A nonvolatile memory card comprising NAND 
type memory cells, for example, is used as a flash mem- 
ory 31 5. Both of the files which can be seen and the files 
which cannot be from the outside are also stored in the 
flash memory 315 in accordance with a directory de- 
scription or a file description, which will be explained 
hereinlater. 

[0074] The CPU 316 reads out a necessary program 
Irom the ROM 314 and executes processes anytime in 
accordance with the command transferred from the ex- 
ternal apparatus. 

3 2. Session ot an external apparatus and the smart 
stick 

[0075] How a host computer as an external apparatus 
controls the intelligent memory stick (smart stick) real- 
ized as mentioned above will now be described. 
[0076] Fig. 4 shows a session at the time when the 
external apparatus controls the foregoing smart stick. It 
is applied to the case of performing the control of the 
SIM in the conventional cellular phone of the GSM sys- 
tem 

[0077] First, the host computer supplies the power 
source Vcc, clock CLK, and reset signal RST in order to 
activate the smart stick (step ST1 ). The supplying order 
is set to the order of the power voltage Vcc, program 
power source Vpp (it is unnecessary in case of supply- 
ing the program power source in the smart stick; in case 
of supplying the program power source from the outside, 
it can be supplied simultaneously with the power source 
Vcc), clock CLK, and reset signal RST. 
[0078] When the reset signal RST is changed from the 
"L" level to the "H" level, the smart stick enters the op- 
erative mode (step ST2). In the smart stick, an initiali- 
zation adapted to receive commands from the host com- 
puter is performed. 

[0079] Subsequently, the host computer sends an ex- 
ecution command to the smart stick (step ST3). For ex- 
ample, the execution command is constructed by sev- 
eral bytes and a code has been predetermined for the 
first byte every application field. Thus, the operation of 
the multifunction can be performed. The next byte indi- 
cates a processing command code. The subsequent 
byte comprises parameters or the like which are neces- 
sary when the command is executed. 
[0080] When the smart stick receives the execution 



command from the host computer and can confirm the 
command, it returns an acknowledgment signal to the 
host computer (step ST4). 

[0081] When the host computer subsequently sends 
the command and the acknowledgment signal is re- 
turned from the smart stick, the data can be transmitted 
and received between the host computer and the smart 
stick. The data is transferred from the host computer to 
the smart stick or from the smart stick to the host com- 
puter in accordance with the contents of the execution 
command (step ST5). 

[0082] Finally, the smart stick sends a status word of 
2 bytes to the host computer in order to notify the host 
computer of an end situation of the execution command 
(step ST6). 

[0083] In the subsequent ordinary session, the oper- 
ation in a range from the transmission of the execution 
command from the host computer to the smart stick 
(step ST3) to the transmission of the status word from 
the smart stick to the host computer (step ST6) is re- 
garded as one access and the session is repeated. 

3-3. About encipherment 

[0084] As shown in Fig. 3, in the smart stick to which 
the invention is applied, the data can be enciphered and 
stored in the flash memory 31 5. A generation of an en- 
ciphering key in this instance will now be described. 
[0085] Fig. 5 shows a process for generating the en- 
ciphering key. In Fig. 5, an enciphering key operating 
circuit 403 performs an arithmetic operation of an algo- 
rithm for generating an enciphering key from two param- 
eters. The enciphering key operating circuit 403 is pro- 
vided as hardware in the scrambler 311a in Fig. 3. 
[0086] Two parameters are inputted to the encipher- 
ing key operating circuit 403 from input terminals 401 
and 402. A personal identification number (PIN) of the 
user is used as one of the parameters. The parameter 
for forming the enciphering key is not limited to the PIN 
but, for example, a subscriber's number registered in a 
company at the time of issuing the card or a code which 
is used in a specific group can be also used. 
[0087] Encipherment information Ki is used as anoth- 
er parameter. As mentioned above, as command sys- 
tems of the smart stick, there are the public command 
system and the non-public command system and the 
non-public command system cannot be used by the per- 
sons other than the issuer or administrator. The enci- 
pherment information Ki has been preset so that it can- 
not be accessed unless the non-public command sys- 
tem is used. 

[0088] The enciphering key operating circuit 403 
forms the enciphering key by using the PIN of the user 
and the encipherment information Ki as parameters. An 
enciphering key Kc formed by the enciphering key op- 
erating circuit 403 is outputted from an output terminal 
404. 

[0089] An enciphering process is performed by an en- 



10 



15 



20 



25 



30 



35 



40 



45 



50 



5DOCID: <EP 1074906A1 J_> 



7 



13 



EP 1 074 906 A1 



14 



ciphering processing circuit as shown in Fig. 6 by using 
the enciphering key Kc formed as mentioned above. 
[0090] In Fig. 6, an enciphering algorithm operating 
circuit 452 enciphers the input data by a predetermined 
enciphering algorithm and outputs the enciphered data. 
The enciphering algorithm operating circuit 452 is con- 
structed in the scrambler 311a in Fig. 3 by hardware. 
[0091] An enciphering key Kd is supplied from an in- 
put terminal 451 to the enciphering algorithm operating 
circuit 452. The enciphering key Kd is set to a value ob- 
tained by adding a variable parameter (page number at 
the time of accessing a page mode here) to the enci- 
phering key Kc obtained as an operation result shown 
in the example of formation of the encipherment in Fig. 
5. 

[0092] The reason why the value obtained by adding 
a relative number from a certain reference to the formed 
enciphering key Kc is to enhance the security. When the 
enciphering key Kc is not changed, a possibility such 
that a scrambling algorithm is predicted by comparing 
the enciphered data with a plain sentence and the en- 
cipherment is deciphered remains, so that there is a 
possibility such that it becomes a problem on security. 
[0093] Although the page number at the time of ac- 
cessing the page mode is used here as a parameter 
which changes for the enciphering key Kc, any param- 
eter can be used as such a variable parameter so long 
as the parameter at the time of input and that at the time 
of output coincide. For example, a relative value in which 
the first address where the data in an electrically rewri- 
table nonvolatile memory or a flash memory is stored is 
used as a reference can be also used. 
[0094] Data of the plain sentence (data before enci- 
pherment) is inputted from an input terminal 453 to the 
enciphering algorithm operating circuit 452. This data of 
the plain sentence denotes the data which was sent as 
serial data from the external apparatus and, thereafter, 
converted into the 8-bit parallel data by the serial/paral- 
lel converter 309. In the enciphering algorithm operating 
circuit 452, this input data is enciphered by using the 
enciphering key Kd (enciphering key Kc + page number) 
from an input terminal 451. 

[0095] The data enciphered by the enciphering algo- 
rithm operating circuit 452 is outputted from an output 
terminal 454. The enciphered data is stored in the flash 
memory 315 (Fig. 3). 

[0096] As mentioned above, the data of the plain sen- 
tence and the enciphering key (enciphering key Kc + 
page number) are supplied to the enciphering algorithm 
operating circuit 452 constructed by the hardware in the 
scrambler 311a (Fig. 3). The enciphered data is formed 
by the enciphering algorithm operating circuit 452 in ac- 
cordance with a predetermined enciphering algorithm. 
The enciphered data is outputted from the output termi- 
nal 454 and finally stored in the flash memory 31 5 (Fig. 
3)- 

[0097] The processes in the case where the data of 
the plain sentence inputted from the external apparatus 



is enciphered and stored in the flash memory 31 5 have 
been described in the above example. However, it is suf- 
ficient that the processes in the case where the data 
stored in the flash memory 315 is read out, the enci- 
5 phered data is deciphered to the data of the plain sen- 
tence, and the deciphered data is outputted to the ex- 
ternal apparatus are executed by a procedure opposite 
to the foregoing procedure. 

[0098] In case of storing the data into the flash mem- 
10 ory 31 5, it is not always necessary to encipher the data. 
It is also possible to store the plain sentence data as it 
is into the flash memory 31 5 without enciphering the da- 
ta and output it by a plain sentence from the flash mem- 
ory 31 5 as necessary. On the contrary, it is also possible 
is to encipher the data and store the enciphered data into 
the flash memory 315 and output the enciphered data 
to the external apparatus without deciphering it from the 
flash memory 315 in which the enciphered data has 
been stored. 

20 

3-4. About a file construction 

[0099] A construction of directories and files which are 
developed on the flash memory 315 will now be de- 

25 scribed. A system for such a file development is ob- 
tained by improving a file management system of the 
SIM used for the cellular phones of the GSM system. 
[01 00] Figs. 7 A to 7 E show specifications of the direc- 
tories. A description of the directories provides informa- 

30 tion of main directories and sub-directories constructed 
under the main directory. A description of the main di- 
rectories and a description of the sub-directories are 
similar. 

[0101] In the case where the smart stick to which the 

35 invention has been applied is used by the multifunction, 
for example, it is presumed to separately use the main 
directories by dividing them into a main directory for 
communication, a main directory for electronic publish- 
ing, a main directory for downloading a game, a direc- 

40 tory which can be freely used by the final user, and the 
like. In such a case, since the setting conditions of the 
security are different in dependence on their objects, 
each of those directories has management information. 
[0102] Fig. 7 shows a description of the directories. 

45 information indicating whether a capacity of the main di- 
rectories or sub-directories, the number of files, and a 
personal identification number function for security are 
provided or not, whether the clock generation can be 
stopped or not, and the like is included in the description 

50 of the directories. This information can be read out from 
the external apparatus and the directories other than the 
hidden directories for management are also used to 
control the memory stick. 

[0103] The description of the directories is mainly 
55 classified into common specifications (Fig. 7A) and 
specifications (Fig. 7B) for each application. 
[0104] First, the common specifications shown in Fig. 
7A will be described. In the common specifications, in- 
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formation is coded in a format that is common to all of 
the applications. Bytes B1 to B4 of the common speci- 
fications indicate a residual non-use memory capacity 
and show a remaining memory capacity which can be 
used for the whole smart stick. 

[0105] Bytes B5 to B20 indicate a directory ID and a 
tag. A code of two bytes and the remaining bytes are 
used as, for example, a plain sentence title or the like 
of ASCII. Although the directory ID and tag are set to 16 
bytes as an example, the more number of bytes can be 
also allocated here. 

[01 06] Byte B21 indicates a directory type and the da- 
ta for identifying the directory or file is coded. Fig. 7C 
shows an example of a coding of Byte B21 . For exam- 
ple, in case of using the card by the multifunction, the 
main directory of each application is coded to "01 h" (h 
denotes a hexadecimal notation) and the sub-directo- 
ries under the main directory are coded to m 02h m . The 
sub-directories are coded to "04h" in case of showing a 
data file. 

[0107] Bytes B22 to B27 indicate a rime stamp. The 
time stamp is information which is not used for the SIM 
in the cellular phones of the GSM system. For example, 
in the case where a directory is newly formed in a floppy 
disk, a hard disk, or the like, a time stamp is certainly 
made to enter into an agreement. The time stamp is pro- 
vided on the assumption of it. The time stamp can be 
also used for sales or electronic publishing of software 
whose use is permitted by the issuer with a time limit. 
For example, it is also possible to make a rule in such 
a manner that the contents cannot be read out if the term 
was switched with reference to the time stamp. Although 
the time stamp of up to a minute unit has been written 
as an example here, it can be also written on a second 
unit basis. 

[01 08] Bytes B28 to B29 are reserved in consideration 
of the future expansion. 

[0109] Byte B30 denotes a data length of a subse- 
quent file for application and is used for showing to 
which position as a size of the specifications for each 
application the directory description is shown. The sub- 
directory description and the data file continue after Byte 
B30, thereby enabling the application to be performed 
and enabling the memory to be effectively used. 
[0110] The specifications of each application shown 
in Fig. 7B will now be described. In Fig. 7B, Byte B31 
indicates directory characteristics. Fig. 7D shows an ex- 
ample of coding. For instance, information showing 
whether the generation of the operating clock for the 
CPU which is supplied to the smart stick can be stopped 
or not and information indicating whether the clock gen- 
eration is stopped or not when the state showing the 
case where it can be stopped is at the "H" level or the 
"L" level are coded. There is also a case where an elec- 
tric current consumption is changed in dependence on 
the state at the time when it is stopped. In the cellular 
phones or the like, a device for minimizing it as much as 
possible is made. 



[0111] Bit 8 of the directory characteristics indicates 
whether PIN1 is valid or invalid. A personal identification 
number to confirm the validity of the user mainly is set 
into PIN1 and the above state can be easily checked ... 

5 [011 2] Bytes B32 and B33 indicate the number of sub- 
directories. For example, in the case where the card is 
used by multifunction, the number of sub-directories ex- 
isting under the main directory which is set every appli- 
cation is coded. 

io [0113] Bytes B34 and B35 indicate the number of files. 
For example, in the case where the card is used by mul- 
tifunction, the number of files existing under the main 
directory and sub-directories which are set every appli- 
cation is coded. 

is [0114] Byte B36 indicates a PIN, an unblocking PIN, 
or the number of administrative codes, namely, the per- 
sonal identification number (PIN), the unblocking 
number in the case where the PIN has been blocked, or 
the number of special codes for management which 

20 have been set are shown. For example, assuming that 
two kinds of PINs have been set and, further, two kinds 
of administrative codes for the administrator which are 
not published and cannot be used have been set, Byte 
B36 is coded to a value of "4(h)". 

25 [0115] Byte B37 is reserved for the future expansion. 
[0116] Byte B38 denotes a PIN 1 status. Fig. 7E shows 
a coding of a security status. For example, if PIN1 has 
been set, Bit 8 is coded to "1". Further, if a continuous 
misinput counter has been set to "3°, it is coded to "83 

30 (h) B . In this case, if the personal identification number of 
PIN1 was continuously and erroneously inputted, the 
PIN misinput counter is set to "0", so that the user cannot 
perform the verification of PIN1 any more. This state is 
called a state where the PIN1 has been blocked. If the 

35 verification of the PIN 1 was correctly performed, the val- 
ue of the PIN misinput counter is reset to an initial value 
"3" 

[0117] Byte B39 indicates an unblocking PIN1 status. 
Fig. 7E shows the coding of the security status. For ex- 

40 ample, if PIN 1 has been set, Bit 8 of the unblocking PIN1 
status which forms a pair together with the PI N 1 is coded 
to B r. If the misinput counter of the PIN1 status is equal 
to "0" and the PIN1 has been blocked, a personal iden- 
tification number PUK (Unblocking Personal Key) is 

45 separately prepared to unblock the blocked PIN1. The 
unblocking PIN1 status shows such a state. 
[0118] For example, when the continuous misinput 
counter has been set to "10", the unblocking PIN1 status 
is also coded to "8A(h)". In this case, if the personal iden- 

50 tification number PUK1 is erroneously and continuously 
inputted ten times, the continuous misinput counter is 
set to "0" and the user cannot perform the verification of 
the personal identification number PUK1 for unblocking 
the PIN1 any more. In this state, there is only means 

55 such that the issuer or administrator reconstructs by us- 
ing the management command system used. Such a 
point also contributes to enhance the security. If the ver- 
ification of the personal identification number PUK1 for 
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unblocking the PIN1 was correctly performed, the value 
of the PUK1 misinput counter is reset to the initial value 
"10" and the user newly sets PIN1. 
[0119] Byte B40 shows a PIN2 status. Byte B41 indi- 
cates an unblocking PIN2 status. The PIN2 status and 
the unblocking PI N2 status are similar to the PIN1 status 
and the unblocking PIN1 status. 
[0120] Bytes B42 to B48 indicate an administrative 
management use and is used, for example, in case of 
using a command system which is not opened to the 
manufacturers of the cellular phones or the like. 
[0121] The file description described by information 
for directly managing the activation or the like of the data 
file will now be explained. 

[0122] Figs. 8A to 8G show a file description. The file 
description can be classified into common specifications 
(Fig. 8A) and specifications (Fig. 8B) for each applica- 
tion. 

[0123] Fig. 8A shows the common specifications. In 
Fig. 8A, bytes B1 to B4 show a file size. 
[0124] Bytes B5 to B20 indicate a file ID and a tag. A 
code of two bytes and the remaining bytes are used as, 
for example, a plain sentence title or the like of ASCII. 
Although the file ID and tag are set to 16 bytes as an 
example, the larger number of bytes can be also allo- 
cated here. 

[0125] Byte B21 indicates a file type. Fig. 8C shows 
an example of a coding. In case of a data file, Byte B21 
is coded to "04(h)". 

[0126] Bytes B22 to B27 indicate a time stamp The 
time stamp is information which is not used for the SIM 
in the cellular phones ol the GSM system. For example, 
in the case where a directory is newly formed in a floppy 
disk, a hard disk, or the like, a time stamp is certainly 
made to enter into an agreement. The time stamp is pro- 
vided on the assumption of it. The time stamp can be 
also used for sales or electronic publishing of software 
whose use is permitted by the issuer with a time limit. 
For example, it is also possible to make a rule in such 
a manner that the contents cannot be read out with ref- 
erence to the time stamp if the term was switched. Al- 
though the time stamp of up to a minute unit has been 
written as an example here, it can be also written on a 
second unit basis. 

[0127] Byte B28 shows a mode. Fig. 8D shows an ex- 
ample of a coding. For example, it denotes a file having 
a file structure in which a unit such as charging informa- 
tion or the like can be increased every predetermined 
time by one command and shows whether this com- 
mand can be executed or not. For example : it can be 
used for managing in such a manner that if the count 
value is counted up to a state where the charging infor- 
mation cannot be increased any more : this smart stick 
cannot be used, or the like. 

[0128] Bytes B29 to B32 indicate access conditions. 
Fig. 8E shows an example of coding. When the corre- 
sponding command is executed every byte, security 
conditions which need to be satisfied are set 



[0129] Byte B32 denotes access conditions of the 
smart stick. Fig. 8F shows an example of coding. Bit 1 
to Bit 4 of Byte B32 denote conditions which have to be 
satisfied when the scrambling is used. Bit 5 to Bit 8 de- 

5 note conditions which have to be satisfied when the ac- 
cess concerned with the copy is performed. Their cod- 
ings are shown by the access conditions. 
[01 30] When the access condition code is equal to *0 
(h)", it is always possible to access. When it is equal to 

10 n ^ (h) w , the access is possible in the case where the ver- 
ification of PIN1 has normally been finished. When it is 
equal to "2(h)", the access is possible in the case where 
the verification of PIN2 has normally been finished. "3 
(h) a is reserved for the future expansion. "4(h)" denotes 

is that the smart stick can be used when the non-public 
access conditions lor management are satisfied. F(h) 
indicates that the access is impossible. For example, if 
Byte B32 has been coded to "01 (h)", the scrambling can 
be used in the case where the verification of PINT was 

20 normally finished, and the copying operation can be 
freely performed. 

[0131] Byte B33 denotes a file status and shows a 
state of this file. Fig. 8G shows an example of coding. 
For example, Bit 1 indicates whether this file can be 
25 used or not. Bit 2 shows whether the recorded data has 
been scrambled or not. 

[0132] Byte B34 denotes a subsequent file data 
length for an application and is used to show a degree 
of occupation of the directory description in it in a size 

30 of the specifications for each application. The sub-direc- 
tory description and the data file continue after Byte B34, 
thereby enabling the memory to be effectively used. 
[01 33] The specifications of each application will now 
be described. Fig. 8B shows the specifications for each 

35 application. In Fig. 8B, Byte B35 indicates a structure of 
a data file and shows a logical structure of the file. 
[01 34] When the structu re of the data file is coded to 
"00(h)", the data of a certain capacity is stored as it is in 
a manner similar to the case of the ordinary memory. 

40 When it is coded to "01 (h)", the data of a certain prede- 
termined format is grouped and stored. For example, as- 
suming that data of one of the abbreviation dials con- 
sists of 50 bytes, the data of one dial is called a record 
and handled in a lump. For example, a memory of 5 

45 kbytes is assured as 100 records. When the structure 
of data file is coded to "03(h)", although the records have 
a format of the same records as those of linear fix of "02 
(h)", the order of the records can be sequentially ex- 
changed. For instance, the priority of the record is 

so changed and this record can be set to the first record. 
That is, assuming that the records starting from the first 
record, the second record, and ending to the nth 
record are received, there is a method whereby the or- 
der of the records is exchanged, the first record is set to 

55 the nth record, and the second record is newly set to the 
first record. 

[0135] Bytes B36 and B37 show a length of record 
and indicates a memory size of one record. How many 
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records can be used can be calculated from the file size 
and the length of record. 

3-5. About an access process 

5 

[0136] An accessing process of the smart stick to 
which the invention is applied will now be described 
hereinbelow with respect to several command process- 
es as examples with reference to flowcharts. 
[01 37] Fig. 9 shows the basic operation of the smart 
stick to which the invention is applied. In Fig. 9, a power 
source is supplied from the external apparatus when the 
power of the smart stick is turned on. At this time, the 
program power source Vpp of the flash memory is si- 
multaneously supplied as necessary (step S11). 
[0138] Subsequently, the operating clock of the CPU 
is supplied from the external apparatus (step SI 2). After 
that, whether the reset signal is changed from the "L" 
level to the "H" level and the CPU enters the operative 
mode or not is discriminated (step S13). 
[01 39] When the external apparatus does not activate 
the smart stick, the reset signal is not changed from the 
"L" level to the n H' level. At this time, the processing rou- 
tine advances to the power-off discrimination (step 
S20). 

[01 40] When the external apparatus has activated the 
smart stick, the reset signal is changed from the "L n level 
to the "H" level. In this instance, the processing routine 
advances to the initial setting (step S14), thereby pre- 
paring for the command reception from the external ap- 
paratus and the data exchange. 

[01 41 ] Whether the command has been inputted from 
the external apparatus in a command waiting state or 
not is discriminated (step St 5). If the command is not 
inputted, the reset signal RST is checked (step S19). 
[0142] If the command has been inputted in step S15, 
a process for outputting the acknowledgement signal is 
performed to notify the external apparatus of the fact 
that the command was received (step St 6). 
Subsequently, a data process of the outputting process 
or inputting process of the data is performed as a proc- 
ess for responding to the command (step S1 7). A status 
word is outputted to notify the external apparatus of an 
end situation of the process (step S18). 
[0143] When the status word is outputted, the reset 
signal is discriminated (step S1 9). If the reset signal RST 
is at the "H" level, whether the power source has been 
turned off or not is discriminated to receive the com- 
mand again (step S20). 

[0144] If the power source is not turned off, the reset 
signal is checked again (step S13). If the power source 
is OFF, all of the functions are stopped and the process- 
ing routine is finished (step S21). 
[0145] A process of the personal identification 
number concerned with the security will now be de- 
scribed with reference to a flowchart of Fig. 10. 
[0146] Since the processes for handling the PIN1, 
PIN2, PUK1. and PUK2 described in the directory de- 



scription are similar to those mentioned above except 
for a point that only the number of misinputs differs, they 
will be explained in a lump. 

[0147] In Fig. 10. the processing routine is started 
from step S31 when the PIN is inputted. 
[0148] Subsequently, a PIN mode for setting one of 
the PIN1, PIN2, PUK1, and PUK2 is set (step S32). 
Whether the subject PIN has been initialized in accord- 
ance with the set mode is discriminated or not (step 
S33). 

[0149] When the PIN is not initialized, a status show- 
ing that it is not initialized is outputted to the external 
apparatus (step S40) by a status word outputting proc- 
ess (step S1 8) in the main routine in the flowchart of Fig. 
9. The processing routine is finished (step S45). 
[0150] If the PIN has been initialised, whether a value 
of the misinput counter is equal to "0" or not is discrim- 
inated to check whether the PIN has been blocked or 
not. If the value of the misinput counter is equal to "0", 
the status showing that the PIN has been blocked is out- 
putted to the external apparatus (step S44). 
[0151] If the value of the misinput counter is not equal 
to n 0", since the subject PIN is not blocked, a PIN enable 
discriminating process for checking the necessity about ~ 
the function to verify the subject PIN is executed (step 
S35). If the verifying function of the subject PIN is set to 
be unnecessary, a status showing that the PIN is disen- 
able is outputted to the external apparatus (step S41 ). 
[0152] If the verifying function of the subject PIN is 
necessary, the contents of the subject PIN which have 
previously been stored are compared with the inputted 
PIN (step S36). 

[0153] Whether the pre-stored PIN and the inputted 
PIN coincide or not is discriminated (step S37). If the * 
inputted PIN is wrong, a process to decrease the count - 
value of the misinput counter is performed in order to 
update it (step S42). A status showing that the PIN is 
wrong is outputted to notify the external apparatus of the 
fact that the wrong PIN was inputted (step S43). The 
processing routine is finished (step S45). 
[0154] When the pre-stored PIN and the inputted PIN 
coincide, the misinput counter is initialized and the mis- 
input counter of the concerned PIN is also initialized 
(step S38). A status indicative of a normal end command 
is outputted (step S39). The processing routine is fin- 
ished (step S45). 

[0155] A file accessing process wilt be described as 
an example with respect to a file updating process. The 
processes for the other commands are also similarly ex- 
ecuted. 

[0156] Fig. 11 shows a flowchart for file updating. 
First, an updating command is inputted from the external 
apparatus and the processing routine is activated (step 
S51). 

[0157] The CPU subsequently sets updating condi- 
tions in order to refer to Bit 1 to Bit 4 (refer to Fig. 8F) of 
Byte B29 in which the updating conditions have been 
coded in the file description (Figs. 8A to 8G) (step S52). 
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Subsequently, the subject access condition code in the 
file description is sequentially checked. 
[01 58] Whether the access of the file has been inhib- 
ited or not is first discriminated (step S53). If the access 
has been inhibited, a status showing that the accessing 
conditions are not satisfied and notifying the external ap- 
paratus of the fact that the conditions are inadequate is 
outputted to the external apparatus (step S69). 
[01 59] If the access is not inhibited in step S53, wheth- 
er it corresponds to the verification of the code on man- 
agement or not is discriminated (step S54). If YES, a 
verification is executed (step S57). 
[0160] If it does not correspond to the code on man- 
agement, whether it corresponds to the verification on 
the PIN1 or not is discriminated (step S55). If YES, a 
verification is executed (step S57). 
[0161] If NO, since it corresponds to a verification un- 
necessary code (ALW) of the access condition code in 
the file description shown in Figs. 8A to 8G, step S58 
follows and the scrambling conditions are discriminated 
and set. 

[0162] If YES as a result of discrimination in one of 
steps S54, S55, and S56, whether the verification of the 
subject PIN or code has been finished or not is discrim- 
inated (step S57). 

[0163] If the verification of the subject PIN or code is 
not finished yet, a status showing that the verification of 
the PIN is not finished is outputted to the external appa- 
ratus (step S68). 

[0164] Subsequently, the subject access condition 
code in the file description shown in Figs. 8A to 8G is 
sequentially checked. 

[01 65] Whether it corresponds to the code verification 
on management or not is first discriminated (step S59). 
If it does not correspond to the code on management, 
whether it corresponds to the verification in the PIN1 or 
not is discriminated (step S60). If NO, whether it corre- 
sponds to the verification in the PIN2 or not is discrimi- 
nated (step S61). If NO, since it corresponds to a non- 
use code (NEV) of the access conditions in the file de- 
scription, a mode in which the scrambling is not used is 
set and the process is executed (step S67). 
[0166] If YES in one of steps S59, S60, and S61, 
whether the verification of the subject PIN or code has 
been finished or not is discriminated (step S62). If NO, 
a status showing that the verification of the PIN is un- 
successful is outputted to the external apparatus (step 
S68). 

[0167] If it is determined in step S62 that the verifica- 
tion has been finished, a process for calculating the en- 
ciphering key is executed in order to refer to the enci- 
phering key Kc (step S63). The device is set to a scram- 
bling mode so as to encipher by the compound enci- 
phering key (Kc + page number) by using the encipher- 
ing key Kc obtained here (step S64). In this instance, for 
example, the page number constructing a part of the 
compound enciphering key can be directly inputted from 
hardware. 



[0168] After whether the scrambling is used or not 
was selected before as mentioned above, the updating 
of the data is actually executed (step S65). At a point 
when the updating of all of the data has been completed, 
5 a status to notify the external apparatus of the normal 
end of the processes is outputted (step S66). The 
processing routine is finished (step S70). 

4. Another example of an intelligent memory stick , 

10 

[0169] Another example of a smart stick to which the 
invention is applied will now be described. Fig. 12 shows 
an internal structure of another example of a smart stick 
to which the invention is applied. 

is [0170] In the smart stick shown in Fig. 3, the transfer 
clock SCLK to the serial/parallel converter 309 is sup- 
plied from the clock input terminal 304. In another ex- 
ample, however, the operating clock of the CPU is fre- 
quency divided by a frequency divider 320 to thereby 

20 obtain the transfer clock SCLK. The other construction 
is similar to that in the example shown in Fig. 3 men- 
tioned above. 

[01 71] By forming the transfer clock SCLK by frequen- 
cy dividing the operating clock CLK as mentioned 
2S above, one of the signal lines regarding the clock be- 
comes unnecessary and the operation can be per- 
formed by a single clock. Thus, a burden on the external 
apparatus is reduced. 

[0172] In the example, since the relation between the 
30 transfer clock SCLK and the operating clock CLK is de- 
termined by a frequency dividing ratio of the frequency 
divider 320, frequencies of the transfer clock SCLK and 
operating clock CLK cannot be arbitrarily determined. 
The transfer clock SCLK and the operating clock CLK 
35 cannot be independently stopped. 

[0173] This is nothing but the operation correspond- 
ing to the half duplex asynchronous communication pro- 
tocol specified in 1S07816 and does not particularly be- 
comes a negative factor. Rather, a possibility as a sub- 
40 stitution for the SIM specified by the GSM or the like 
increases. 

[0174] In this example, in the case where the CPU is 
not performing the process, the operating clock can be 
stopped by a proper procedure. In the cellular phones, 
45 the function to stop the operating clock or transfer clock 
can be regarded to be effective means because it is in- 
dispensable to reduce an electric power consumption 
from a viewpoint that the cellular phone is driven by a 
battery. 

so [0175] Since the smart stick to which the invention is 
applied has therein the CPU, it can be applied not only 
to a field for storage of the contents data but also to var- 
ious fields. For example, it can be used not only as an 
external storage but also a coprocessor of a personal 

55 computer. 

[0176] According to the invention, the CPU and the 
enciphering circuit are provided for the memory card 
with the construction of the memory stick. The data 
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which is inputted and outputted is enciphered and stored 
in the flash memory. The command system for access- 
ing the memory stick has the public command system 
and the non-public command system. In the file data 
which is stored in the flash memory, the access restric- 
tion, copy guard information, and the encipherment and 
the personal identification number at the time of access 
can be selectively set every file data. The processes of 
those file data are managed by the data files including 
the hidden data files. The access right is set to the file 
data and the accesses for reading and writing the file 
data are restricted by the access right. Since the data is 
enciphered and stored in the flash memory as men- 
tioned above, the security of the data to be stored is en- 
hanced. 

[01 77] The present invention is not limited to the fore- 
going embodiments but many modifications and varia- 
tions are possible within the spirit and scope of the ap- 
pended claims of the invention. 

Claims 

1 . A card-shaped semiconductor storage device com- 
prising: 

a nonvolatile semiconductor memory; 
data input/output control means for performing 
an input/output control of data to/from said non- 
volatile semiconductor memory; 
interface means for interfacing with an external 
apparatus; 

enciphering means for enciphering the data to 
be stored in said nonvolatile semiconductor 
memory; and 

control means for controlling said encipher- 
ment. 

2. A device according to claim 1 , wherein a command 
system for accessing said nonvolatile semiconduc- 
tor memory has a public command system and a 
non-public command system for management. 

3. A device according to claim 1 or 2, wherein file data 
which is stored in said nonvolatile semiconductor 
memory includes hidden file data. 

4. A device according to claim 1 , 2 or 3, wherein in file 
data which is stored in said nonvolatile semiconduc- 
tor memory, an access restriction, copy guard infor- 
mation, and encipherment and a personal identifi- 
cation number at the time of access can be selec- 
tively set for every file data. 

5. A device according to claim 4, wherein in said file 
data which is stored in said nonvolatile semiconduc- 
tor memory, a data file including hidden data file 
manages processes. 
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6. A device according to any one of claims 1 to 5, 
wherein an access right is set into file data which is 
stored in said nonvolatile semiconductor memory, 
and accesses for reading and writing said file data 

5 are restricted in accordance with said access right. 

7. A device according to claim 6, wherein the restric- 
tion of said access right can be set by a personal 
identification number of the user. 

10 

8. A device according to any one of claims 1 to 7, 
wherein an operating clock of said control means 
and a transfer clock which is used for the data input/ 
output can be independently changed. 

15 

9. A device according to any one of claims 1 to 8, 
wherein an operating clock of said control means is 
frequency divided and used as a transfer clock for 
the data input/output. 

20 

10. A device according to any one of claims 1 to 9, 
wherein said enciphering means generates an en- 
ciphering key on the basis of parameters of person- 
al information. 

25 

11. A device according to any one of claims 1 to 10, 
wherein said enciphering means generates an en- 
ciphering key on the basis of a personal identifica- 
tion number of the user. 

30 

12. A device according to any one of claims 1 to 11, 
wherein said enciphering means generates an en- 
ciphering key on the basis of a subscriber's number. 

35 13. A device according to claim 2 or any claim when 
appendent to claim 2, wherein said enciphering 
means generates an enciphering key on the basis 
of parameters of personal information and param- 
eters which are accessed by said non-public com- 

40 mand system for management. 

14. A device according to any one of claims 1 to 13, 
wherein said enciphering means uses a compound 
value of an enciphering key formed by an encipher- 

45 jng algorithm and a variable value as an enciphering 
key. 

15. A device according to claim 1 4, wherein said varia- 
ble value is a page number at the time when a page 

50 mode is accessed. 

16. A device according to any one of claims 1 to 15, 
wherein input data is enciphered and stored in said 
nonvolatile semiconductor memory and the data 

55 read out from said nonvolatile semiconductor mem- 
ory is deciphered and outputted. 

17. A device according to any one of claims 1 to 16, 
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wherein it is possible to set either a mode in which 
input data is enciphered and stored in said nonvol- 
atile semiconductor memory and the data read out 
from said nonvolatile semiconductor memory is de- 
ciphered and outputted or a mode in which the input 
data is stored as it is in said nonvolatile semicon- 
ductor memory and the data read out from said non- 
volatile semiconductor memory is outputted as it is. 

18. A device according to any one of claims 1 to 16, 
wherein said device has: 

a mode in which input data is enciphered and 
stored in said nonvolatile semiconductor mem- 
ory and data read out from said nonvolatile 
semiconductor memory is deciphered and out- 
putted; and 

a mode in which the input data is enciphered 
and stored in said nonvolatile semiconductor 
memory and the enciphered data read out from 
said nonvolatile semiconductor memory is out- 
putted. 

19. A device according to any one of claims 1 to 16, 
wherein said device has: 

a mode in which input data is enciphered and 
stored in said nonvolatile semiconductor mem- 
ory and the data read out from said nonvolatile 
semiconductor memory is deciphered and out- 
putted; 

a mode in which the input data is stored as it is 
in said nonvolatile semiconductor memory and 
the data read out from said nonvolatile semi- 
conductor memory is outputted as it is; and 
a mode in which the input data is enciphered 
and stored in said nonvolatile semiconductor 
memory and the enciphered data read out from 
said nonvolatile semiconductor memory is out- 
putted. 

20. An operation setting method of a card-shaped sem- 
iconductor storage device having a construction of 
a memory card constructed by a nonvolatile semi- 
conductor memory, data input/output control means 
for performing an input/output control of data to/ 
from said nonvolatile semiconductor memory, and 
interface means for interfacing with an external ap- 
paratus, 

wherein said method comprises the steps of: 
enciphering the data; and 
storing said enciphered data into said nonvol- 
atile semiconductor memory. 

21. A method according to claim 20, wherein a com- 
mand system for accessing said nonvolatile semi- 
conductor memory has a public command system 



and a non -public command system for manage- 
ment. 

22. A method according to claim 20 or 21 , wherein file 
5 data which is stored in said nonvolatile semiconduc- 
tor memory includes hidden file data. 

23. A method according to claim 20, 21 or 22, wherein 
in file data which is stored in said nonvolatile sem- 

10 iconductor memory, an access restriction, copy 
guard information, and encipherment and a person- 
al identification number at the time of access can 
be selectively set for every file data. 

is 24. A method according to claim 23, wherein in said file 
data which is stored in said nonvolatile semiconduc- 
tor memory, a data file including hidden data file 
manages processes. 

25. A method according to any one of claims 20 to 24, 
wherein an access right is set into file data which is 
stored in said nonvolatile semiconductor memory, 
and accesses for reading and writing said file data 
are restricted in accordance with said access right. 

26. A method according to claim 25, wherein the restric- 
tion of said access right can be set by a personal 
identification number of the user. 

27. A method according to any one of claims 20 to 26, 
wherein an operating clock of said semiconductor 
storage device and a transfer clock which is used 
for the data input/output can be independently 
changed. 

28. A method according to any one of claims 20 to 27, 
wherein an operating clock of said semiconductor 
storage device is frequency divided and used as a 
transfer clock for the data input/output. 

29. A method according to any one of claims 20 to 28, 
wherein in said enciphering step, an enciphering 
key is generated on the basis of parameters of per- 
sonal information. 

30. A method according to any one of claims 20 to 29, 
wherein in said enciphering step, an enciphering 
key is generated on the basis of a personal identi- 
fication number of the user. 

31. A method according to any one of claims 20 to 30, 
wherein in said enciphering step, an enciphering 
key is generated on the basis of a subscriber's 
number. 

32. A method according to claim 21 or any claim when 
appendent to claim 21 , wherein in said enciphering 
step, an enciphering key is generated on the basis 
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of parameters of personal information and param- 
eters which are accessed by said non-public com- 
mand system for management. 

33. A method according to any one of claims 20 to 32, 5 
wherein in said enciphering step, a compound value 

of an enciphering key formed by an enciphering al- 
gorithm and a variable value is used as an encipher- 
ing key. 

w 

34. A method according to claim 33, wherein said var- 
iable value is a page number at the time when a 
page mode is accessed. 

35. A method according to any one of claims 20 to 34, 1$ 
wherein input data is enciphered and stored in said 
nonvolatile semiconductor memory and the data 
read out from said nonvolatile semiconductor mem- 
ory is deciphered and outputted. 

20 

36. A method according to any one of claims 20 to 35, 
wherein it is possible to set either a mode in which 
input data is enciphered and stored in said nonvol- 
atile semiconductor memory and the data read out 
from said nonvolatile semiconductor memory is de- 25 
ciphered and outputted or a mode in which the input 
data is stored as it is in said nonvolatile semicon- 
ductor memory and the data read out from said non- 
volatile semiconductor memory is outputted as it is. 

30 

37. A method according to any one of claims 20 to 35, 
wherein said method has: 

a mode in which input data is enciphered and 
stored in said nonvolatile semiconductor mem- 35 
ory and data read out from said nonvolatile 
semiconductor memory is deciphered and out- 
putted; and 

a mode in which the input data is enciphered 
and stored in said nonvolatile semiconductor 40 
memory and the enciphered data read out from 
said nonvolatile semiconductor memory is out- 
putted. 

38. A method according to any one of claims 20 to 35, 45 
wherein said method has: 

a mode in which input data is enciphered and 
stored in said nonvolatile semiconductor mem- 
ory and the data read out from said nonvolatile so 
semiconductor memory is deciphered and out- 
putted; 

a mode in which the input data is stored as it is 
in said nonvolatile semiconductor memory and 
the data read out from said nonvolatile semi- 55 
conductor memory is outputted as it is, and 
a mode in which the input data is enciphered 
and stored in said nonvolatile semiconductor 



memory and the enciphered data read out from 
said nonvolatile semiconductor memory is out- 
putted. 



SDOCID: <EP 1074906A1_I_> 



15 



EP 1 074 906 A1 




SDOCID: <EP 1074906A1_I_> 



16 



EP 1 074 906 A1 



CO 



oo o 



cvi 
CM 





cr 




UJ 


\ 


o 


\SH 


UEN 


25 


O 




LU 




CO 



<N 



00 
O 
CVi 



cr 

LLI 

o 

LU 

cr 



O 

04 



rl 

O) 
O 



o 

CM 





cr 




GE 


LLi 
U. 


o 
o 


< 


u. 


CL 


BU 


LU 



LU 



cr 

UJ 

\ yj 
co > 
z 
o 
o 



o 
o 
> 



o 

CM 



o 
5 



CO 
CD 



csj 
O 

CSJ 



CO 

o 

Cvj 



CO 



o 

CO 



o 

CVI 



LO 

o 

CVJ 



CO 
CO 
> 



7 7 



CD 
O 
CVI 



JDOCID: <EP 1074906A1 J_> 



17 



EP 1 074 906 A1 



CO 



1— 

CO 





>- 


X 


cn 


00 


o 


1 FLA 


UJ 

2 



2 



GO 

m 

Q. 

O 



CO 



CO 
CO 



O 
cr 



3 

o 



CO 



O 
CO 



CM 

T— 

CO 



00 

o 

UJ 

cn 



O) 

o 

CO 



o 
o 
> 



o 

CO 



CM 

o 

CO 



(0 





cn 


UJ 


UJ 


a 


U- 


< 


U- 


a. 


ZD 




CO 



CO 



vj 



a: 

UJ 

-j 

CD 

< 

cn 
O 

00 



O 
O 

UJ 





cr 




UJ 




h- 


a 


£E 
LU 


00 


> 








o 




o 



CO 



T 

T- 

CO 





k J 






CO 


-J 


CD 


o 




00 



00 



— i 

O 



00 



00 
00 

> 



? ? ? r 



CO 

o 

CO 



o 

CO 



T 

V 

in 
o 

CO 



"9 *~ ' 



CD 
O 
CO 



o 

CO 



00 

o 

CO 



SDOCID: <EP__. 1074906A1 _l_> 



18 



EP 1 074 906 A1 



ST1 



Fig. 4 



HOST SMART 
COMPUTER STICK 



VCC.VPP.CLK.RST 



ST2 

? SIM RUN 



ST3 

_2 COMMAND 



ST4 

^ Acknowledge (ACK) 



ST5 

_) DATA 



ST6 

) STATUS 



1074906A1 I > 



19 



EP 1 074 906 A1 



Fig. 5 



PIN 



401 

i 



402 
I KI 



403 



ENCIPHERING KEY 
OPERATING 



1 

404 



Kc 



Fig. 6 



Kd=(Kc+Page Number) 
451 



452 



Plane Text 



453 



ENCIPHERING 
ALGORITHM 
OPERATING 



Ciphered Data 454 
»-© 



ISDOCID: <EP 1074906A1_I_> 



20 



EP 1 074 906 A1 

Fig. 7A 



DIRECTORY DESCRIPTION 
COMMON SPECIFICATIONS 
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DIRECTORY ID + TAG 
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DIRECTORY TYPE 
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22-27 
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1 


Fig. 7B 
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Fig. 7E 



DIRECTORY TYPE CODING (EXAMPLE) 
00:RFU 

01:DIRECTORY 
02:SUB-DIRECTORY 
04.DATA FILE 



DIRECTORY CHARACTERISTICS (EXAMPLE) 
BIT 1:CL0CK STOP MODE 
BIT 2:RFU 

BIT 3-4:CLOCK STOP MODE 
BIT 5-7:RFU 

BIT 8:PIN1 VAUD/1NVAUD 



SECURITY STATUS (EXAMPLE) 
BIT1-4:PIN MISINPUT COUNTER 
0 INDICATES "BLOCKED" 
BIT 5-7:RFU 

BIT 8:INITIALI2ATION INFORMATION 
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Fig. 8A 
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0O:RFU 

01 -.DIRECTORY 
02:SUB-DIRECTORY 
04:DATA FILE 
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